AliyunComputeNestUserFullAccess 是阿里云管理的产品系统策略,您可以将 AliyunComputeNestUserFullAccess 授权给 RAM 身份(RAM 用户、RAM 用户组和 RAM 角色),本策略定义了管理计算巢服务(ComputeNest)的用户侧权限。
策略详情
类型:系统策略
创建时间:2022-01-05 05:27:00
更新时间:2022-09-08 01:48:58
当前版本:v3
策略内容
{
"Version": "1",
"Statement": [
{
"Action": [
"computenest:*"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oos:GetParametersByPath",
"oos:GetParameter",
"oos:UpdateParameter"
],
"Resource": "acs:oos:*:*:parameter/computenest/*",
"Effect": "Allow"
},
{
"Action": [
"oos:GetSecretParametersByPath",
"oos:GetSecretParameter",
"oos:UpdateSecretParameter"
],
"Resource": "acs:oos:*:*:secretparameter/computenest/*",
"Effect": "Allow"
},
{
"Action": [
"kms:GetSecretValue",
"kms:PutSecretValue"
],
"Resource": "acs:kms:*:*:secret/oos/computenest/*",
"Effect": "Allow"
},
{
"Action": [
"ram:CreateServiceLinkedRole"
],
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": [
"user.computenest.aliyuncs.com"
]
}
}
},
{
"Action": [
"ram:CreateRole",
"ram:GetRole"
],
"Resource": "acs:ram:*:*:role/AliyunCloudMonitorSendOperationMessageToComputeNestRole",
"Effect": "Allow"
}
]
}